[Opensim-dev] Mantis#2816 patch and openid

Cristina Videira Lopes lopes at ics.uci.edu
Tue Dec 16 17:40:55 UTC 2008 

+1 here too.

Authentication is something that is critically missing from the 
hypergrid right now. I think this patch is the beginning of making 
things more secure in a globally decentralized environment.

I don't know the details of the OpenID protocol, and I don't know how it 
compares to other authentication protocols, if we had to choose. But I 
really like that this makes UGAIM *providers*, not consumers, of 
authentication services. So if I have my HG standalone at 
home.smopr.com, I can use my account here, and other services can check 
that this account exists with my UGAIM. From then on, they can decide 
whether to authorize me or not.

I dislike the idea of just a handful of identity services on the entire 
web. Let's have a million. Trust then becomes more aligned with the 
social lines of trust.

Crista

Justin Clark-Casey wrote:
> Mic Bowman wrote:
>   
>> inventory & asset server extensions that leverage openid will be
>> posted on the distributed asset forge project soon. we're working to
>> validate the concepts in the forge project & then start carving the
>> changes up into smaller chunks for incremental patching once we've
>> convinced ourselves that this is useful. the openid parts are pretty
>> fundamental to making any of these external services work so it seemed
>> like a good starting point.
>>     
>
> Personally, I'm inclined to say +1 to the OpenID user server patch.  It's fairly small and provides functionality that 
> is generally useful.  Having it in core will also make it easier to experiment and think about the distributed services 
> that John and any others are developing.
>
> Perhaps this would be more ideal as a module, but a module system would have to be put in place first.  The wait could 
> be quite long (though I'm happy to be proven wrong :)
>
>   
>> --mic
>>
>> On Mon, Dec 15, 2008 at 2:23 PM, Sean Dague <sdague at gmail.com> wrote:
>>     
>>> Mic Bowman wrote:
>>>       
>>>> So this is really an API that can be used to apply the set of
>>>> identities managed by the user server to other services. A couple more
>>>> places this could be useful... the web interfaces like opensimwi
>>>> currently manipulate the database directly in order to perform
>>>> authentication for account management. Also, the Alan's REST
>>>> interfaces for asses & inventory on the region server currently cannot
>>>> authenticate a specific user in grid mode (there is no API & the User
>>>> server does not hand out the hashed password to the region server in
>>>> grid mode).
>>>>
>>>> The choice of OpenID vs some other API is really just a choice to
>>>> support a fairly standard API rather than invent something new.
>>>>         
>>> Ok, so this is about exposing the OpenSim data to things other than the
>>> client.  That makes a bit more sense from what I saw in the patch.
>>>
>>> It would be nice to see an example of how this would be used in the
>>> OpenSim Inventory server, for instance.  But I see how this could be a
>>> good first step in that direction.
>>>
>>>        -Sean
>>>
>>> --
>>> Sean Dague / Neas Bade
>>> sdague at gmail.com
>>> http://dague.net
>>>
>>>
>>>
>>> _______________________________________________
>>> Opensim-dev mailing list
>>> Opensim-dev at lists.berlios.de
>>> https://lists.berlios.de/mailman/listinfo/opensim-dev
>>>
>>>
>>>       
>> _______________________________________________
>> Opensim-dev mailing list
>> Opensim-dev at lists.berlios.de
>> https://lists.berlios.de/mailman/listinfo/opensim-dev
>>
>>     
>
>
>   

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://opensimulator.org/pipermail/opensim-dev/attachments/20081216/3393bf8b/attachment-0001.html>

More information about the Opensim-dev mailing list